The NSA intercepts laptops ordered online to infect them with spyware

Douglas Crawford

December 30, 2013

The TAO (Tailored Access Operations) is an elite department of the NSA, ‘akin to the wunderkind of the US intelligence community’, which specialises in providing ‘access to our very hardest targets.’ Unlike the more widely publicised NSA dragnet operations designed to spy on just about everyone, the TAO targets individuals and specific systems, especially where tailored solutions are needed to overcome anti-spying measures.

One of the TAO’s favoured methods is to infect computers with malware, which can not only spy on targets’ email, web habits, phone calls, VoIP, and IM chats, but can also subvert routers, firewalls, switches (and more) so that data transmitted to these devices is instead routed to the NSA. A high-profile example of this was the revelation in September that engineers at Belgacom, a Belgian telecoms company whose customers include the European Commission, the European Council and the European Parliament, had their computers infected with malware which redirected the engineers to a fake LinkedIn page.

In November it was reported that over 50,000 computers were already known to be infected with NSA spyware, and by the end of 2013 this number could be as many as 85,000.

A new article by newspaper Der Spiegel, which has access to documents released by whistleblower Edward Snowden, discusses some of the high-tech methods used by the TAO to infect computers, but one thing which caught our eye is the low-tech method of simply intercepting laptops purchased online, and infecting them with malware before ensuring they are delivered as normal.

Perhaps because sophisticated high-tech attacks seem too divorced from ordinary experience, we find this news particularly chilling, as it brings home the harsh, privacy-invading Orwellian reality of what the NSA gets up to.

Apparently, if a target (be it an individual, group, or company) orders a computer ‘or related accessories’, the shipment can be diverted by the TAO (a process known as ‘interdiction’) to ‘load-stations’ where malware, and sometimes even hardware components, are added to the system to provide the NSA with backdoor access that can be exploited from a remote computer. This method is described as being one of the NSA’s ‘most productive operations’, and although it mainly targets computers purchased from US companies, it gives the TAO access to systems ‘around the world’.

To be honest, if the TAO has you in its sights then you can kiss your privacy goodbye. Most of us, however, are fortunate enough not to be on that list, and with the use of VPN (or Tor), end-to-end encrypted email, chat, VoIP, encrypted file storage and suchlike (see our Ultimate Privacy Guide for a much more in-depth look at this subject), we can fight back against NSA intrusion and take useful measures to evade the NSA’s dragnet surveillance.